package com.leedsoft.spittr.web;

import com.alibaba.fastjson.JSON;
import com.google.common.collect.Lists;
import com.leedsoft.spittr.model.Model4TestMethodSec;
import com.leedsoft.spittr.model.User;
import com.leedsoft.spittr.service.HomeService;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.access.AccessDeniedException;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.ResponseBody;

import java.security.Principal;

/**
 * Created by leeds on 2017/11/11.
 */
@Controller
public class LoginController {
    @Autowired
    private HomeService homeService;

    @RequestMapping(value = "/login", method = RequestMethod.GET)
    public String loginPage() {
        return "login";
    }

    @RequestMapping(value = "index", method = RequestMethod.GET)
    public String index(Principal principal) {
        System.out.println("-------------" + principal.getName());
        return "index";
    }

    @RequestMapping(value = "testMethodSecurity", method = RequestMethod.GET)
    @ResponseBody
    public String testMethodSecurity() {
        String s;
        try {
//            s = homeService.testSecurityMethod();
//            s = new Model4TestMethodSec().testSecurityMethod();//被保护方法所在类，必须是spring bean
            User in = new User();
            in.setAge(11);
            in.setName("leeds");
            User in2 = new User();
            in2.setAge(9);
            in2.setName("cong");
            s = JSON.toJSONString(homeService.testPrePostFilter(Lists.newArrayList(in, in2)));
//            s = homeService.testPrePostAuthorize(in).getName();
        } catch (AccessDeniedException e) {
//            s = "你无权限调用testSecurityMethod方法";
            s = "你无权限调用testPrePostAuthorize方法";
        }
        return s;
    }
}
